Google's upcoming Chrome OS — said to be coming in tablet form this November — will require that all of a user's data be stored in the cloud. A second Fellow, Jim Held, director of Intel's Tera-Scale Computing Research, doesn't think that's necessarily such a good idea.

"We have widely deployed broadband and wireless broadband," he said. "That, however, won't scale, I believe, as fast as the compute capability will, or as data storage is going to scale. So I don't believe we're going into a world in which we're always reaching over that pipe to a cloud for everything we do."

Kahn focused on the murky legal status of remote data storage. "What exactly is the legal status of your data if you're using a cloud service that happens to put one of their data center in France?"

You may not even know that your data has high-tailed it over the border, Kahn concluded. "You're a US citizen, perhaps, you think you're dealing with a US company that's giving you cloud services — but because of the time of day and the maintenance schedule of a data center here, your data happens to be stored in some other country. What's its legal status?"

The answer, according to Kahn, is that nobody really knows. "There are some questions of that ilk that...we really have to get our arms around more widely if we're going to answer some of the privacy and security questions long-term," he said. "So these are really complicated issues that I think are going to modulate how all this stuff rolls out."

Although neither Kahn nor Held mentioned Google specifically — nor, for that matter, did their remarks name Amazon, Microsoft, or any cloud-services provider — their comments raised a note of caution not often heard above the cloudy marketing ruckus.

One questioner asked the assembled Fellows whether cloud computing wasn't actually leading users "back to the future" — back to the days of punch cards and dumb terminals, when computing was done away from the user in a "glass house" in which resided the almighty mainframe, and when users needed to make a request and wait for a response.

Held responded that, yes, there were lessons to be learned from the past. "We're always going to have to learn from the transition away from the punch cards and the glass house," he said, "that people want personal-computing resources in-hand because that scales very, very well — each person having their own computer gives you some privacy and it gives you the [lack of] latency that the rich and immersive visual-computing kinds of applications that are appearing and that people seem to really value are going to need."

Held's cloudy concerns were less about legal turbidity and more about user experience. "Personal computing means people want personal computing," he emphasized. "They want local personal computing."

But he also diplomatically sought a middle ground: "I think there's a natural balance that we'll strike at any given point...between compute on the client and compute remotely." After all, he said, local personal computing "doesn't mean that with good connectivity you can't draw on resources remotely."

Where those resources reside and what their legal status might be, however, needs to be known before the cloud can become a safe and secure working model for not only enterprise IT, but also for consumers. ®